Credential vault API - GET all credentials

This API is deprecated. Use the Credential vault API from the Environment API instead.

Lists all credentials for synthetic monitors stored in your environment.

The request produces an application/json payload.

GETSaaShttps://{your-environment-id}.live.dynatrace.com/api/config/v1/credentials
Environment ActiveGatehttps://{your-activegate-domain}:9999/e/{your-environment-id}/api/config/v1/credentials

Authentication

To execute this request, you need an access token with credentialVault.read scope.

To learn how to obtain and use it, see Tokens and authentication.

Parameters

Parameter
Type
Description
In
Required
type
string

Filters the result by the specified credentials type.

  • CERTIFICATE
  • USERNAME_PASSWORD
  • TOKEN
  • SNMPV3
query
optional

Response

Response codes

Code
Type
Description
200

Success

Response body objects

The CredentialsList object

A list of credentials sets for Synthetic monitors.

Element
Type
Description
credentials

A list of credentials sets for Synthetic monitors.

nextPageKey
string
-
pageSize
integer
-
totalCount
integer
-

The CredentialsResponseElement object

Metadata of the credentials set.

Element
Type
Description
allowContextlessRequests
boolean

Allow access without app context, for example, from ad hoc functions in Workflows (requires the APP_ENGINE scope).

allowedEntities

The set of entities allowed to use the credential.

credentialUsageSummary

The list contains summary data related to the use of credentials.

description
string

A short description of the credentials set.

externalVault

Configuration for external vault synchronization for username and password credentials.

id
string

The ID of the credentials set.

name
string

The name of the credentials set.

owner
string

The owner of the credential (user for which used API token was created).

ownerAccessOnly
boolean

Flag indicating that this credential is visible only to the owner.

scope
string

The scope of the credentials set.

  • APP_ENGINE
  • EXTENSION
  • SYNTHETIC
scopes
string[]

The set of scopes of the credentials set.

  • APP_ENGINE
  • EXTENSION
  • SYNTHETIC
type
string

The type of the credentials set.

  • AWS_MONITORING_KEY_BASED
  • AWS_MONITORING_ROLE_BASED
  • CERTIFICATE
  • PUBLIC_CERTIFICATE
  • SNMPV3
  • TOKEN
  • UNKNOWN
  • USERNAME_PASSWORD

The CredentialAccessData object

The set of entities allowed to use the credential.

Element
Type
Description
id
string
-
type
string
-
  • APPLICATION
  • UNKNOWN
  • USER

The CredentialUsageHandler object

Keeps information about credential's usage.

Element
Type
Description
count
integer

The number of uses.

type
string

Type of usage.

The ExternalVaultConfig object

Configuration for external vault synchronization for username and password credentials.

Element
Type
Description
credentialsUsedForExternalSynchronization
string[]
-
passwordSecretName
string
-
sourceAuthMethod
string

Defines the actual set of fields depending on the value. See one of the following objects:

  • HASHICORP_VAULT_APPROLE -> HashicorpApproleConfig
  • HASHICORP_VAULT_CERTIFICATE -> HashicorpCertificateConfig
  • AZURE_KEY_VAULT_CLIENT_SECRET -> AzureClientSecretConfig
  • CYBERARK_VAULT_USERNAME_PASSWORD -> CyberArkUsernamePasswordConfig
  • CYBERARK_VAULT_ALLOWED_LOCATION -> CyberArkAllowedLocationConfig
  • AZURE_KEY_VAULT_CLIENT_SECRET
  • CYBERARK_VAULT_ALLOWED_LOCATION
  • CYBERARK_VAULT_USERNAME_PASSWORD
  • HASHICORP_VAULT_APPROLE
  • HASHICORP_VAULT_CERTIFICATE
tokenSecretName
string
-
type
string
-
  • AZURE_CERTIFICATE_MODEL
  • AZURE_CLIENT_SECRET_MODEL
  • CYBERARK_VAULT_ALLOWED_LOCATION_MODEL
  • CYBERARK_VAULT_USERNAME_PASSWORD_MODEL
  • HASHICORP_APPROLE_MODEL
  • HASHICORP_CERTIFICATE_MODEL
usernameSecretName
string
-
vaultUrl
string
-

Response body JSON model

{
  "credentials": [
    {
      "credentialUsageSummary": [
        {
          "HTTP_MONITOR": 4
        }
      ],
      "description": "Sample credentials for demo purposes",
      "id": "CREDENTIALS_VAULT-E80203F993472E6D",
      "name": "Sample username-password credentials",
      "owner": "admin",
      "ownerAccessOnly": true,
      "scope": "SYNTHETIC",
      "type": "USERNAME_PASSWORD"
    },
    {
      "credentialUsageSummary": [],
      "description": "Sample credentials for demo purposes",
      "id": "CREDENTIALS_VAULT-842DEF439999E15B",
      "name": "Sample certificate credentials",
      "owner": "John.Doe@domain.com",
      "ownerAccessOnly": true,
      "scope": "EXTENSION",
      "type": "CERTIFICATE"
    },
    {
      "credentialUsageSummary": [
        {
          "BROWSER_MONITOR": 11,
          "HTTP_MONITOR": 4
        }
      ],
      "description": "Sample token for demo purposes",
      "id": "CREDENTIALS_VAULT-854345639999E15B",
      "name": "Sample token credentials",
      "owner": "John.Doe@domain.com",
      "ownerAccessOnly": true,
      "scope": "SYNTHETIC",
      "type": "TOKEN"
    },
    {
      "awsPartition": "CHINA",
      "description": "Sample AWS credentials for demo purposes",
      "id": "CREDENTIALS_VAULT-12ABB17F0D93F8AF",
      "name": "Sample AWS key based credentials",
      "owner": "John.Doe@domain.com",
      "ownerAccessOnly": true,
      "scopes": [
        "CLOUDS_MONITORING_AUTHENTICATION"
      ],
      "type": "AWS_MONITORING_KEY_BASED"
    },
    {
      "accountID": "123456789012",
      "description": "Sample AWS credentials for demo purposes",
      "externalID": "21cf07eb-4812-4de7-d5b9-6189c5951ad4",
      "iamRole": "Dynatrace_monitoring_role",
      "id": "CREDENTIALS_VAULT-08D0C2A011411D64",
      "name": "Sample AWS role based credentials",
      "owner": "John.Doe@domain.com",
      "ownerAccessOnly": true,
      "scopes": [
        "CLOUDS_MONITORING_AUTHENTICATION"
      ],
      "type": "AWS_MONITORING_ROLE_BASED"
    }
  ]
}

Example

In this example, the request lists all credentials of the USERNAME_PASSWORD type from the mySampleEnv environment.

The API token is passed in the Authorization header.

The result is truncated to two entries.

Curl

curl -X GET \
  'https://mySampleEnv.live.dynatrace.com/api/config/v1/credentials/?type=USERNAME_PASSWORD' \
  -H 'Authorization: Api-Token dt0c01.abc123.abcdefjhij1234567890'

Request URL

https://mySampleEnv.live.dynatrace.com/api/config/v1/credentials/?type=USERNAME_PASSWORD

Response body

{
  "credentials": [
    {
      "name": "easyTravel",
      "id": "CREDENTIALS_VAULT-9415C41E3649FE3C",
      "type": "USERNAME_PASSWORD",
      "description": "Credentials for easyTravel test app"
    },
    {
      "name": "google.com",
      "id": "CREDENTIALS_VAULT-E6D8ED717C9689B2",
      "type": "USERNAME_PASSWORD",
      "description": "google.com"
    }
  ]
}

Response code

200

Related topics